VYPR
Unrated severityNVD Advisory· Published Nov 12, 2024· Updated Nov 13, 2024

CVE-2024-26011

CVE-2024-26011

Description

A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*range: 7.4.0
    • (no CPE)range: >=7.4.0 <=7.4.2 || >=7.2.0 <=7.2.4 || >=7.0.0 <=7.0.11 || >=6.4.0 <=6.4.14
  • cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*
    Range: 7.4.0
  • Fortinet/Fortipamv52 versions
    cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*range: 1.2.0
    • (no CPE)range: =1.2.0 || >=1.1.0 <=1.1.2 || >=1.0.0 <=1.0.3
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    >=7.4.0 <=7.4.2 || >=7.2.0 <=7.2.9 || >=7.0.0 <=7.0.17 || >=2.0.0 <=2.0.14 || >=1.2.0 <=1.2.13 || >=1.1.0 <=1.1.6 || >=1.0.0 <=1.0.7+ 1 more
    • (no CPE)range: >=7.4.0 <=7.4.2 || >=7.2.0 <=7.2.9 || >=7.0.0 <=7.0.17 || >=2.0.0 <=2.0.14 || >=1.2.0 <=1.2.13 || >=1.1.0 <=1.1.6 || >=1.0.0 <=1.0.7
    • (no CPE)range: 7.4.0
  • Range: 6.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.